The current state of affairs: A for-profit, well-funded US firm with a public web site and contact info is scanning the Internet looking for unprotected SIP-PSTN gateways. When they find them, they use the gateways to terminate international LD calls.
Are *your* SIP gateways designed to restrict such traffic? Do you, by default, accept SIP traffic from just anywhere? If so, how do you know that call is authorized? Do you support SIP authentication on sip peering / trunk group calls? (Here's the quick answer: no, almost none of the carrier SIP equipment vendors that I've worked with support SIP authentication.) If "no" to these questions, do you have a way to build packet access lists in the device to protect itself against unauthorized SIP? If so, do you recommend to customers that they enable these? It took email server vendors a while, but they eventually started shipping software that defaulted to *not* allowing spam relay. The Cisco AS5400, in at least one 12.4 IOS release, configured to route calls between a SIP proxy and the PSTN via PRI, will generally route calls received inbound via SIP to the PSTN. The Cisco TAC indicated that the sip-server statement defined the trusted endpoints from which the AS5400 would accept SIP, but this turns out not to be the case. Our only known recourse is an access list, but this is effective. I personally know of numerous unprotected AS5400's on the Internet. What about all the IOS IADs out there? Mark R. Lindsey | ECG | +1-229-316-0013 | [EMAIL PROTECTED] _______________________________________________ Sip-implementors mailing list [email protected] https://lists.cs.columbia.edu/cucslists/listinfo/sip-implementors
